CVEs from 2018
Total
3,289
critical
critical 225
high
high 266
medium
medium 224
low
low 32
% Critical
6.8%
% with KEV
2.7%
% with exploit
2.8%
Top vendors
- frappe 4
- redhat 2
- magix 1
- mybb 1
- gitbucket 1
- qemu 1
- dragonexpert 1
- kingsoftstore 1
Top products
- erpnext 4
- terminal_services_manager 1
- ultraiso 1
- dolibarr_erp\/crm 1
- gitbucket 1
- pdfunite 1
- qemu 1
- virtualization_manager 1
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2018-0167 | unknown | — | 1.5 | 4y ago | There is a buffer overflow vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthentic… | |
| CVE-2018-8581 | unknown | — | 1.5 | 4y ago | A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server. | |
| CVE-2018-0156 | unknown | — | 1.5 | 4y ago | A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a … | |
| CVE-2018-0179 | unknown | — | 1.5 | 4y ago | A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial … | |
| CVE-2018-0154 | unknown | — | 1.5 | 4y ago | A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial-of-service … | |
| CVE-2018-0174 | unknown | — | 1.5 | 4y ago | A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow for denial-of-service (DoS). | |
| CVE-2018-0173 | unknown | — | 1.5 | 4y ago | A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets can allow for denial-of-service (DoS). | |
| CVE-2018-0151 | unknown | — | 1.5 | 4y ago | A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition … | |
| CVE-2018-15982 | unknown | — | 1.5 | 4y ago | Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability | |
| CVE-2018-8174 | unknown | — | 1.5 | 4y ago | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution" | |
| CVE-2018-20250 | unknown | — | 1.5 | 4y ago | WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution | |
| CVE-2018-8453 | unknown | — | 1.5 | 4y ago | Microsoft Windows Win32k contains a vulnerability that allows an attacker to escalate privileges. | |
| CVE-2018-13382 | unknown | — | 1.5 | 4y ago | An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password. | |
| CVE-2018-13383 | unknown | — | 1.5 | 4y ago | A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users. | |
| CVE-2018-14847 | unknown | — | 1.5 | 5y ago | MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability i… | |
| CVE-2018-13379 | unknown | — | 1.5 | 5y ago | Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource request… | |
| CVE-2018-2380 | unknown | — | 1.5 | 5y ago | SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users. | |
| CVE-2018-0798 | unknown | — | 1.5 | 5y ago | Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. … | |
| CVE-2018-20062 | unknown | — | 1.5 | 5y ago | ThinkPHP "noneCms" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter. | |
| CVE-2018-0802 | unknown | — | 1.5 | 5y ago | Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. … | |
| CVE-2018-4939 | unknown | — | 1.5 | 5y ago | Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution. | |
| CVE-2018-4878 | unknown | — | 1.5 | 5y ago | Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution. | |
| CVE-2018-8653 | unknown | — | 1.5 | 5y ago | Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution. | |
| CVE-2018-15961 | unknown | — | 1.5 | 5y ago | Adobe ColdFusion contains an unrestricted file upload vulnerability that could allow for code execution. | |
| CVE-2018-14558 | unknown | — | 1.5 | 5y ago | Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows… | |
| CVE-2018-0171 | unknown | — | 1.5 | 5y ago | Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or p… | |
| CVE-2018-0296 | unknown | — | 1.5 | 5y ago | Cisco Adaptive Security Appliance (ASA) contains an improper input validation vulnerability with HTTP URLs. Exploitation could allow an attacker to cause a denial-of-service (DoS) condition or inform… | |
| CVE-2018-15811 | unknown | — | 1.5 | 7y ago | DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. | |
| CVE-2018-18325 | unknown | — | 1.5 | 7y ago | DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch f… | |
| CVE-2018-11776 | unknown | — | 1.5 | 8y ago | Apache Struts vulnerable to remote command execution (RCE) due to improper input validation | |
| CVE-2018-1273 | unknown | — | 1.5 | 8y ago | Spring Data Commons remote code injection vulnerability | |
| CVE-2018-7750 | unknown | — | 1.0 | 8y ago | transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 d… | |
| CVE-2018-17967 | unknown | — | — | — | ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c. | |
| CVE-2018-8960 | unknown | — | — | — | The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read. | |
| CVE-2018-11646 | unknown | — | — | — | webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unse… | |
| CVE-2018-4121 | unknown | — | — | — | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. … | |
| CVE-2018-4113 | unknown | — | — | — | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. … | |
| CVE-2018-4122 | unknown | — | — | — | An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. … | |
| CVE-2018-5802 | unknown | — | — | — | An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memor… | |
| CVE-2018-10907 | unknown | — | — | — | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attac… | |
| CVE-2018-10911 | unknown | — | — | — | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict … | |
| CVE-2018-10923 | unknown | — | — | — | It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and re… | |
| CVE-2018-14348 | unknown | — | — | — | libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information. | |
| CVE-2018-15919 | unknown | — | — | — | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states … | |
| CVE-2018-19216 | unknown | — | — | — | Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. | |
| CVE-2018-19115 | unknown | — | — | — | keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validat… | |
| CVE-2018-19046 | unknown | — | — | — | keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expecte… | |
| CVE-2018-14622 | unknown | — | — | — | A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the serve… | |
| CVE-2018-15173 | unknown | — | — | — | Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service. | |
| CVE-2018-5099 | unknown | — | — | — | A use-after-free vulnerability can occur when the widget listener is holding strong references to browser objects that have previously been freed, resulting in a potentially exploitable crash when th… | |
| CVE-2018-11780 | unknown | — | — | — | A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2. | |
| CVE-2018-16423 | unknown | — | — | — | A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a de… | |
| CVE-2018-16393 | unknown | — | — | — | Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to sup… | |
| CVE-2018-15687 | unknown | — | — | — | A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239. | |
| CVE-2018-16369 | unknown | — | — | — | XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE… | |
| CVE-2018-18454 | unknown | — | — | — | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | |
| CVE-2018-8786 | unknown | — | — | — | FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably ev… | |
| CVE-2018-16860 | unknown | — | — | — | A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4.9.x up to, excluding 4.9.8 and 4.10.x up to, excluding 4.10.3, when used in AD DC mode. A man in the … | |
| CVE-2018-10360 | unknown | — | — | — | The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file. | |
| CVE-2018-12015 | unknown | — | — | — | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink a… | |
| CVE-2018-18314 | unknown | — | — | — | Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |
| CVE-2018-2811 | unknown | — | — | — | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). Supported versions that are affected are Java SE: 8u162 and 10. Difficult to exploit vulnerability allows unauthentic… | |
| CVE-2018-11813 | unknown | — | — | — | libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. | |
| CVE-2018-4180 | unknown | — | — | — | In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | |
| CVE-2018-4183 | unknown | — | — | — | In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | |
| CVE-2018-4300 | unknown | — | — | — | The session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected ve… | |
| CVE-2018-17100 | unknown | — | — | — | An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a cra… | |
| CVE-2018-17795 | unknown | — | — | — | The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecif… | |
| CVE-2018-10906 | unknown | — | — | — | In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_oth… | |
| CVE-2018-19478 | unknown | — | — | — | In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. | |
| CVE-2018-6536 | unknown | — | — | — | An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes … | |
| CVE-2018-8098 | unknown | — | — | — | Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via… | |
| CVE-2018-8804 | unknown | — | — | — | WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified oth… | |
| CVE-2018-8019 | unknown | — | — | — | When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly ident… | |
| CVE-2018-2796 | unknown | — | — | — | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedde… | |
| CVE-2018-3209 | unknown | — | — | — | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). The supported version that is affected is Java SE: 8u182. Difficult to exploit vulnerability allows unauthenticated at… | |
| CVE-2018-1000205 | unknown | — | — | — | U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially cra… | |
| CVE-2018-10839 | unknown | — | — | — | Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the netw… | |
| CVE-2018-10871 | unknown | — | — | — | 389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores… | |
| CVE-2018-19214 | unknown | — | — | — | Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. | |
| CVE-2018-19215 | unknown | — | — | — | Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. | |
| CVE-2018-7326 | unknown | — | — | — | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type. | |
| CVE-2018-19518 | unknown | — | — | — | University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_a… | |
| CVE-2018-20022 | unknown | — | — | — | LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can… | |
| CVE-2018-4375 | unknown | — | — | — | Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8. | |
| CVE-2018-16429 | unknown | — | — | — | GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). | |
| CVE-2018-12180 | unknown | — | — | — | Buffer overflow in BlockIo service for EDK II may allow an unauthenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via network access. | |
| CVE-2018-5741 | unknown | — | — | — | To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the t… | |
| CVE-2018-5089 | unknown | — | — | — | Memory safety bugs were reported in Firefox 57 and Firefox ESR 52.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploit… | |
| CVE-2018-5148 | unknown | — | — | — | A use-after-free vulnerability can occur in the compositor during certain graphics operations when a raw pointer is used instead of a reference counted one. This results in a potentially exploitable … | |
| CVE-2018-10846 | unknown | — | — | — | A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in… | |
| CVE-2018-1000654 | unknown | — | — | — | GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_obje… | |
| CVE-2018-8976 | unknown | — | — | — | In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | |
| CVE-2018-15853 | unknown | — | — | — | Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to crash xkbcommon users by supplying a crafted keymap file that triggers… | |
| CVE-2018-10242 | unknown | — | — | — | Suricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c… | |
| CVE-2018-1060 | unknown | — | — | — | python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service. | |
| CVE-2018-20406 | unknown | — | — | — | Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion… | |
| CVE-2018-20749 | unknown | — | — | — | LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | |
| CVE-2018-1000168 | unknown | — | — | — | nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service… | |
| CVE-2018-5104 | unknown | — | — | — | A use-after-free vulnerability can occur during font face manipulation when a font face is freed while still in use, resulting in a potentially exploitable crash. This vulnerability affects Thunderbi… |